Can you share any effective processes/strategies you’ve used to integrate cyber risk management and enterprise risk management at your org?
At our organization, we've taken a structured approach to integrating Cyber Risk Management into the broader Enterprise Risk Management framework. One of the most effective strategies has been aligning cyber risk with enterprise risk taxonomy and appetite. This ensures that cyber risks are not siloed but are evaluated alongside financial, operational, and strategic risks.
We’ve embedded cyber risk into our enterprise risk register, using a common risk scoring methodology to ensure consistency in how risks are assessed and prioritized. This allows executive leadership and the board to view cyber risk in context and make informed decisions.
Another key process has been establishing cross-functional risk committees that include stakeholders from IT, security, compliance, legal, and business units. These groups meet regularly to review emerging threats, assess risk treatment plans, and ensure alignment with business objectives.
Finally, we’ve integrated cyber risk metrics into our enterprise risk dashboards, enabling real-time visibility and reporting. This has helped drive accountability and foster a risk-aware culture across the organization.
I suppose it depends on the organisation and the industry. Based on my experience, highly regulated organisations such as financial institutions are led by Enterprise Risk Management, and it is usually challenging to integrate cyber risk management into the "old school" ERM. Having a separate risk register, governance committees and control testing program for tech/cyber is one option while adhering to ERM principles.
We implemented a Risk Management Operating Committee that meets on a regular cadence. It has representation from ERM, IT, Cyber and Legal. This is where we discuss cross-functional risks/issues as well as cover any emerging risks that we should be aware of.
Integrating cyber risk management and enterprise risk management into the onboarding process is key. Old school security by design. If it's part of your onboarding / intake, etc., this will help adoption and understanding. Risk and security shouldn't be the function of one team; it should be a collaborative effort that everyone within the organization practices.
For cyber risk management to be effective, cyber risk must be classified by risk type and compliance requirement. This depends on an early assessment of the business versus its legal compliance obligations and presence, then matching accordingly the tools that cover every risk identified or that must be compliant against a given requirement, following a process (assess, build the risk register, classify into a compliance register and a security register, match the tools, implement, report).